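/**
 * Render the "bind WeChat account" page.
 *
 * A signed-in user who already has a WxConnect record is redirected to '/'.
 * Without an openid on $this, the first visit logs the user out and bounces
 * through /weixin/oauth; a second visit (redirect=1) reports an expired link.
 * With an openid, an openid that is already bound to an account is rejected.
 *
 * @param object $ctx Request context; only its title is written here.
 */
function index($ctx)
{
    $ctx->title = '绑定微信账号';

    // NOTE(review): PHP treats an empty cookie value as a deletion request, so
    // this call clears no_subscribe_prj instead of keeping it for an hour.
    // Confirm which of the two was intended.
    setcookie('no_subscribe_prj', '', time() + 3600);

    $user = UC::auth();
    if ($user) {
        $connect = WxConnect::get_by('user_id', $user['id']);
        if ($connect) {
            _redirect('/');
        }
    }

    if (!$this->openid) {
        // empty() rather than a bare read: the parameter is absent on the
        // first visit, and a bare read raises an undefined-key warning.
        if (empty($_GET['redirect'])) {
            // redirect=1 marks the second pass and prevents a redirect loop.
            UC::logout();
            // Use the axelahome.com domain so the session is not lost to a
            // cross-domain hop.
            $jump = _url('https://axelahome.com/weixin/bind', array('redirect' => 1));
            $url = _url('https://axelahome.com/weixin/oauth', array('jump' => $jump));
            _redirect($url);
        }
        _throw("链接已经过期, 请重新获取微信消息!", 200);
    } else {
        $connect = WxConnect::get_by('wx_openid', $this->openid);
        if ($connect) {
            _throw('此微信号已经绑定过懒投资账号, 请先解绑!');
        }
    }
}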
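/**
 * WeChat OAuth callback: exchange the authorization code for an openid, then
 * either sign in the bound account or store the openid in the session.
 *
 * Every path ends in a redirect to the caller-supplied `jump` URL, which is
 * first passed through self::validate_url().
 *
 * NOTE(review): no OAuth `state` value is checked in this handler. Unless that
 * happens before this method runs, the callback can be triggered cross-site
 * with someone else's code (login CSRF) - confirm.
 *
 * @param object $ctx Request context (not used in this method).
 */
function callback($ctx)
{
    // Query parameters are untrusted and may arrive as arrays (?jump[]=x);
    // only plain strings are accepted so trim() never sees a non-string.
    $raw_jump = (isset($_GET['jump']) && is_string($_GET['jump'])) ? $_GET['jump'] : '';
    // NOTE(review): htmlspecialchars() is HTML encoding, not URL validation; it
    // turns '&' into '&amp;' in a value that ends up in a redirect. The real
    // gate is validate_url(), which is not shown here.
    $jump = htmlspecialchars(trim($raw_jump));
    self::validate_url($jump);

    if (!$this->appid || !$this->secret) {
        _redirect($jump);
    }

    $raw_code = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
    $code = urlencode(htmlspecialchars(trim($raw_code)));
    if (!$code) {
        _redirect($jump);
    }

    // The app secret travels in the query string of this request; make sure
    // Http::get() and any proxy on the path do not log full URLs.
    $wx_url = 'https://api.weixin.qq.com/sns/oauth2/access_token';
    $wx_url = "{$wx_url}?appid={$this->appid}&secret={$this->secret}&code={$code}&grant_type=authorization_code";
    $resp = Http::get($wx_url);
    $ret = is_string($resp) ? json_decode($resp, true) : null;

    // !empty() also covers error replies that carry no openid key at all.
    if (is_array($ret) && !empty($ret['openid'])) {
        $connect = WxConnect::get_by('wx_openid', $ret['openid']);
        if ($connect) {
            Logger::info("wx_openid[{$ret['openid']}] oauth login, uid: {$connect->user_id}");
            $profile = Profile::get($connect->user_id);
            // Locked accounts are never signed in through OAuth.
            if ($profile && $profile->status != Profile::STATUS_LOCK) {
                UC::force_login($profile);
            }
        } else {
            // Compatibility with /weixin/bind, which reads the openid from the session.
            // NOTE(review): the session id is not rotated here; whether
            // session fixation is handled elsewhere is not visible.
            session_start();
            $_SESSION['wx_openid'] = $ret['openid'];
        }
    } else {
        Logger::info("weixin oauth, code: {$code}, resp: {$resp}, " . Http::$error);
    }

    _redirect($jump);
}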
/**
 * Require an authenticated user for every action of this controller.
 *
 * Stores the result of UC::auth() on the context; when there is none, the
 * visitor is sent to the login page with the current request URI as `jump`.
 *
 * @param object $ctx Request context; receives the `user` property.
 */
function init($ctx)
{
    parent::init($ctx);

    $ctx->user = UC::auth();
    if ($ctx->user) {
        return;
    }

    // Anonymous visitor: remember where they were headed and ask for a login.
    _redirect('login', array('jump' => $_SERVER['REQUEST_URI']));
}
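/**
 * Apply point balances pushed from another application and log each change.
 *
 * Changes from the previous version:
 *  - the old balance is read BEFORE the UPDATE, so the logged delta is the real
 *    change (reading it afterwards made the delta 0 whenever the UPDATE hit
 *    the row);
 *  - the call on the undefined $model_member, which stopped the method with a
 *    fatal error before the log row was written, is removed;
 *  - $uid and the stored member name are escaped before they are placed in
 *    the INSERT statement.
 *
 * @param array $arr Map of user id => (credit id => new point value).
 * @return ApiResponse Always ApiResponse(1).
 */
function syncredit($arr)
{
    if (is_array($arr)) {
        foreach ($arr as $uid => $setv) {
            if (!is_array($setv)) {
                continue;
            }
            foreach ($setv as $cid => $value) {
                $value = intval($value);

                // NOTE(review): the SELECTs filter on member_id while the
                // UPDATE filters on uid - confirm which column the member
                // table has. If UC::escape() returns an already-quoted
                // literal, the quotes around it here double up; verify
                // against its implementation.
                $member_name = $this->db->result_first("SELECT member_name FROM " . $this->tablepre . "member WHERE member_id='" . UC::escape($uid) . "'");
                $member_points = $this->db->result_first("SELECT member_points FROM " . $this->tablepre . "member WHERE member_id='" . UC::escape($uid) . "'");

                // Integer arithmetic keeps the interpolated delta free of any
                // non-numeric text.
                $amount = $value - intval($member_points);

                $this->db->query("UPDATE " . $this->tablepre . "member SET member_points={$value} WHERE uid='" . UC::escape($uid) . "'");

                // The member name comes back from the database and the uid
                // from the caller; neither may reach the SQL text raw.
                // NOTE(review): addslashes() is not charset-aware, and
                // getGBK() suggests a GBK setup where it is unreliable.
                // Prefer the driver's own escaping or bound parameters if
                // $this->db offers them.
                $safe_uid = addslashes((string) $uid);
                $safe_name = addslashes((string) $member_name);
                $this->db->query("INSERT INTO " . $this->tablepre . "points_log (pl_memberid, pl_membername, pl_points, pl_addtime, pl_desc, pl_stage) VALUES ('" . $safe_uid . "', '" . $safe_name . "', '{$amount}', '" . time() . "', '" . getGBK('来自其它应用的积分兑入') . "', 'app')");
            }
        }
    }

    return new ApiResponse(1);
}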
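/**
 * Reject requests whose Referer is not on an allowed domain, then load the user.
 *
 * The previous pattern matched the domain as an unanchored suffix with an
 * unescaped dot, so a host that merely ended in the allowed name (or replaced
 * the dot with another character) was accepted. The host is now parsed out of
 * the Referer and must equal an allowed domain or be a dot-separated subdomain
 * of it.
 *
 * The Referer header is supplied by the client and may be absent; this check
 * is a cross-site request filter, not authentication.
 *
 * @param object $ctx Request context; receives the `user` property.
 */
function init($ctx)
{
    parent::init($ctx);
    header('P3P:CP=" OTI DSP COR IVA OUR IND COM "');

    $ref = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : '';
    $allow_domains = array('axelahome.com');

    $parts = parse_url($ref);
    $scheme = (is_array($parts) && isset($parts['scheme'])) ? strtolower($parts['scheme']) : '';
    $host = (is_array($parts) && isset($parts['host'])) ? strtolower($parts['host']) : '';

    $allow = false;
    // Only plain host names are considered; anything containing characters
    // such as '\' or '@' in the host part is refused outright.
    if (($scheme === 'http' || $scheme === 'https') && preg_match('/^[a-z0-9.-]+$/', $host)) {
        foreach ($allow_domains as $domain) {
            $suffix = '.' . $domain;
            if ($host === $domain || substr($host, -strlen($suffix)) === $suffix) {
                $allow = true;
                break;
            }
        }
    }

    if (ENV != 'dev' && !$allow) {
        _throw("非法的 Referer: " . htmlspecialchars($ref));
    }

    $ctx->user = UC::auth();
}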
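/**
 * Sign a visitor in from a one-time WeChat login token, then redirect.
 *
 * Changes from the previous version:
 *  - the `jump` check was an unanchored pattern with an unescaped host, so a
 *    URL on another site that merely contained "http://<host>/" somewhere
 *    passed (open redirect); the host is now parsed and compared;
 *  - $sess is initialised, so a token of the wrong length no longer reads an
 *    undefined variable;
 *  - a missing or locked profile is no longer passed to UC::force_login(),
 *    matching the lock check in the OAuth callback handler.
 *
 * @param object $ctx Request context (not used in this method).
 */
function index($ctx)
{
    // Untrusted input: accept plain strings only (?jump[]=x is an array).
    $raw_jump = (isset($_GET['jump']) && is_string($_GET['jump'])) ? $_GET['jump'] : '';
    $jump = htmlspecialchars(trim($raw_jump));

    // Redirect target must be http(s) on this site's host or a subdomain of it.
    $host = strtolower(preg_replace('/:\d+$/', '', (string) Html::host()));
    $parts = parse_url($jump);
    $jump_scheme = (is_array($parts) && isset($parts['scheme'])) ? strtolower($parts['scheme']) : '';
    $jump_host = (is_array($parts) && isset($parts['host'])) ? strtolower($parts['host']) : '';
    $jump_ok = false;
    if ($host !== '' && ($jump_scheme === 'http' || $jump_scheme === 'https')
        && preg_match('/^[a-z0-9.-]+$/', $jump_host)) {
        $suffix = '.' . $host;
        $jump_ok = ($jump_host === $host) || (substr($jump_host, -strlen($suffix)) === $suffix);
    }
    if (!$jump_ok) {
        $jump = '';
    }

    // Validate the token; a session record is consumed on first use.
    $raw_token = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : '';
    $token = htmlspecialchars(trim($raw_token));
    $sess = null;
    if (strlen($token) == 32) {
        $sess = WxTmpLogin::get_session($token);
        if ($sess) {
            WxTmpLogin::del_session($token);
        }
    }

    if (!$sess) {
        _redirect($jump);
        // Defensive: never fall through to the login path without a session
        // record, whatever _redirect() does.
        return;
    }

    // NOTE(review): the session id is not rotated at this point; whether
    // UC::force_login() does so is not visible here - confirm.
    session_start();
    $_SESSION['wx_openid'] = $sess['openid'];

    $connect = WxConnect::get_by('wx_openid', $sess['openid']);
    if (!$connect) {
        setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, 1, time() + 3600 * 24, '/');
        Logger::info("not connected wx_openid: {$sess['openid']}");
        UC::logout();
    } else {
        $uid = $connect->user_id;
        $profile = Profile::get($uid);
        setcookie('ltz_wx_binded', 1, time() + 3600 * 24 * 365, "/");
        // Already bound, so the auto-bind marker cookie is removed.
        if (isset($_COOKIE[WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX])) {
            setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, '', time() - 1, '/');
        }
        $name = $profile ? $profile->name : '';
        Logger::info("wx_openid[{$sess['openid']}] login, uid: {$uid}, {$name}");
        // A token link must not sign in a missing or locked account.
        if ($profile && $profile->status != Profile::STATUS_LOCK) {
            UC::force_login($profile);
        }
    }

    _redirect($jump);
}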
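/**
 * Update a member's username, password hash and/or e-mail when they differ.
 *
 * Comparisons are strict. With loose `!=`, two different MD5 hex digests that
 * both look like numbers (for example both starting with "0e" followed by
 * digits) compare equal, and the password change would be skipped silently.
 *
 * NOTE(review): passwords are stored as unsalted MD5. That format is kept
 * because whatever verifies the password is outside this block; migrating to
 * password_hash()/password_verify() has to be done together with it.
 *
 * @param mixed  $uid      Member id.
 * @param string $username New username, or an empty value to leave it alone.
 * @param string $pwd      New plain-text password, or empty to leave it alone.
 * @param string $email    New e-mail, or empty to leave it alone.
 * @return int 0 when nothing changed; otherwise 1, plus 1 more if the
 *             username changed.
 */
function edit($uid, $username, $pwd, $email)
{
    $user = $this->get_by_uid($uid);
    $ucsql = array();
    $retv = 0;

    if ($username && (string) $user['username'] !== (string) $username) {
        $ucsql['username'] = $username;
        $retv++;
    }
    if ($pwd) {
        $hash = md5($pwd);
        if ((string) $user['password'] !== $hash) {
            $ucsql['password'] = $hash;
        }
    }
    if ($email && (string) $user['email'] !== (string) $email) {
        $ucsql['email'] = $email;
    }

    if ($ucsql) {
        $retv++;
        $this->db->update("UPDATE " . UC_DBTABLEPRE . "members SET " . UC::sqlSingle($ucsql) . ' WHERE uid=' . UC::escape($uid));
    }

    return $retv;
}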
/**
 * Dispatch a call to a method of a UC control object.
 *
 * The UC instance is created once and reused through a static variable.
 *
 * NOTE(review): $class, $method and $args decide which controller method runs.
 * If any of them can originate from a remote request, the caller has to
 * authenticate that request and restrict the accepted names; nothing in this
 * function does so.
 *
 * @param string $class  Name handed to UC::control().
 * @param string $method Method to invoke on the returned object.
 * @param array  $args   Positional arguments for the method.
 * @return mixed The method's return value, or the string 'error' when the
 *               method does not exist.
 */
function uc_data_request($class, $method, $args = array())
{
    static $uc = null;
    if (empty($uc)) {
        require_once UC_CLIENT_ROOT . 'class_core.php';
        $uc = new UC();
    }

    $controller = $uc->control($class);
    if (!method_exists($controller, $method)) {
        return 'error';
    }

    return call_user_func_array(array(&$controller, $method), $args);
}
/**
 * Fetch one ucnotify row by its nid.
 *
 * The id is passed through UC::escape() before it is appended to the SQL text,
 * so the statement's safety rests entirely on that helper.
 *
 * @param mixed $nid Notification id.
 * @return mixed Whatever $this->db->get_one() returns for the query.
 */
function get_by_id($nid)
{
    $sql = "SELECT * FROM " . UC_DBTABLEPRE . "ucnotify WHERE nid=" . UC::escape($nid);

    return $this->db->get_one($sql);
}
/**
 * Turn a value into a single-quoted SQL literal padded with one space on each side.
 *
 * Arrays are processed element by element through UC::escape(), and the
 * padding is trimmed from each element. Numeric values are quoted as they are;
 * everything else goes through addslashes().
 *
 * NOTE(review): addslashes() is not aware of the connection character set.
 * With multi-byte charsets such as GBK this style of escaping is known to be
 * unreliable, so bound parameters or the driver's escaping are safer wherever
 * the db layer allows them.
 *
 * @param mixed $var Scalar or array of scalars.
 * @return mixed Quoted string, or the array with every element quoted.
 */
function escape($var)
{
    if (is_array($var)) {
        foreach (array_keys($var) as $k) {
            $var[$k] = trim(UC::escape($var[$k]));
        }
        return $var;
    }

    // Numeric input cannot contain a quote character, so it is used verbatim.
    $literal = is_numeric($var) ? $var : addslashes($var);

    return " '" . $literal . "' ";
}
/**
 * Load a user's credit values from uc_usercredit.
 *
 * @param mixed $uid User id; passed through UC::escape() before use in SQL.
 * @return array Map of cid => value, empty when no rows come back.
 */
function get22($uid)
{
    $credits = array();
    $result = $this->db->query("SELECT cid,value FROM uc_usercredit WHERE uid=" . UC::escape($uid));

    // Pull rows until fetch_array() returns a falsy value.
    for ($row = $this->db->fetch_array($result); $row; $row = $this->db->fetch_array($result)) {
        $credits[$row['cid']] = $row['value'];
    }

    return $credits;
}
// Fragment of an admin script: the branch that opens before this point is not
// visible here. This part lists rows of pw_ucsyncredit, 20 per page.
$myApp = $uc->load('app');
$applist = $myApp->applist();
// Clamp the page number to at least 1 (where $page is read is not visible here).
$page < 1 && ($page = 1);
$total = $db->get_one("SELECT COUNT(*) AS sum FROM pw_ucsyncredit");
// $limit is interpolated into the query below as raw SQL text, so it must only
// ever come from S::sqlLimit().
$limit = S::sqlLimit($page - 1, 20);
$creditdb = array();
$query = $db->query("SELECT u.*,m.username FROM pw_ucsyncredit u LEFT JOIN pw_members m ON u.uid=m.uid {$limit}");
while ($rt = $db->fetch_array($query)) {
    $creditdb[] = $rt;
}
include PrintEot('ucnotify');
exit;
} else {
    // Deletes the selected rows from pw_ucsyncredit.
    S::gp(array('selid'));
    $basename .= '&action=syncredit';
    if ($selid) {
        // NOTE(review): the safety of this IN(...) list rests on
        // S::sqlImplode() quoting every element - verify against its
        // implementation. No anti-CSRF check is visible in this fragment
        // either; confirm that it happens before this point.
        $db->update("DELETE FROM pw_ucsyncredit WHERE uid IN(" . S::sqlImplode($selid) . ')');
    }
    adminmsg('operate_success');
}
} elseif ($action == 'synupdate') {
    // Triggers a credit sync for one user and one application.
    S::gp(array('uid', 'appid'));
    if ($uid && $appid) {
        require_once R_P . 'uc_client/class_core.php';
        $uc = new UC();
        $myCredit = $uc->load('credit');
        $myCredit->synupdate($appid, array($uid));
    }
    $basename .= '&action=syncredit';
    adminmsg('operate_success');
}
/**
 * Build the VALUES part of a multi-row INSERT: " (a,b) , (c,d) ".
 *
 * Each non-empty row is rendered through UC::implode(); empty rows are
 * skipped. Quoting of the individual values is left entirely to UC::implode().
 *
 * @param array $array List of rows.
 * @return string The joined groups, or '' when there is nothing to render.
 */
function sqlMulti($array)
{
    $groups = array();
    foreach ($array as $row) {
        if (empty($row)) {
            continue;
        }
        $groups[] = '(' . UC::implode($row) . ') ';
    }

    if (!$groups) {
        return '';
    }

    // One leading space, then the groups separated by ", ".
    return ' ' . implode(', ', $groups);
}
// Fragment of an admin settings script: the branch that opens before this
// point and the end of the else-branch are not visible here.
//ifcheck($uc_client, 'ifcheck');
// Variable-variable: sets $ifcheck_<n> for the template; intval() keeps the
// generated name to an integer suffix.
${'ifcheck_' . intval($uc_server)} = 'checked';
include PrintEot('ucset');
exit;
} else {
    // Save path: every value below is read from request input through InitGP().
    // NOTE(review): no anti-CSRF check is visible in this fragment; confirm
    // that it happens before this point.
    InitGP(array('uc_server'), 'P', 2);
    setConfig('uc_server', $uc_server);
    if ($uc_server) {
        InitGP(array('uc_appid', 'uc_key'));
        if ($uc_server == '1') {
            // Mode 1: this site is registered as application id 1.
            $uc_appid = 1;
            // A key is generated only when none was submitted.
            // NOTE(review): randstr() is not shown; this value is stored as
            // the app's secretkey, so it should come from a cryptographically
            // secure generator - confirm.
            !$uc_key && ($uc_key = randstr(20));
            $db->update("UPDATE pw_ucapp SET uc='0'");
            // Takes a SELECT, an UPDATE and an INSERT statement; presumably an
            // update-or-insert helper - verify against pw_update().
            $db->pw_update("SELECT * FROM pw_ucapp WHERE id=" . pwEscape($uc_appid), "UPDATE pw_ucapp SET secretkey=" . pwEscape($uc_key) . ",uc='1' WHERE id=" . pwEscape($uc_appid), "INSERT INTO pw_ucapp SET " . pwSqlSingle(array('id' => $uc_appid, 'name' => $db_bbsname, 'siteurl' => $db_bbsurl, 'secretkey' => $uc_key, 'uc' => 1)));
            require_once R_P . 'uc_client/class_core.php';
            $uc = new UC();
            $myApp = $uc->load('app');
            $myApp->checkColumns();
        } elseif ($uc_server == '2') {
            // Mode 2: database connection settings are taken from the request
            // and written to the configuration, password included.
            // NOTE(review): where setConfig() stores them is not visible here.
            InitGP(array('uc_dbhost', 'uc_dbuser', 'uc_dbpw', 'uc_dbname', 'uc_dbpre', 'uc_dbcharset'));
            $uc_appid = intval($uc_appid);
            // In this mode the application id is forced to 2 or higher.
            (!$uc_appid || $uc_appid < 2) && ($uc_appid = 2);
            setConfig('uc_dbhost', $uc_dbhost);
            setConfig('uc_dbuser', $uc_dbuser);
            setConfig('uc_dbpw', $uc_dbpw);
            setConfig('uc_dbname', $uc_dbname);
            setConfig('uc_dbpre', $uc_dbpre);
            setConfig('uc_dbcharset', $uc_dbcharset);
        }
    }
    setConfig('uc_appid', $uc_appid);
<?php !function_exists('adminmsg') && exit('Forbidden'); if ($uc_server != 1) { $db_adminrecord = 0; $basename = "javascript:parent.closeAdminTab(window);"; adminmsg('uc_server_set'); } require_once R_P . 'uc_client/class_core.php'; $uc = new UC(); $credittype = pwCreditNames(); if (empty($action)) { $ucApp = $uc->load('app'); $applist = $ucApp->applist(); include PrintEot('uccredit'); exit; } elseif ($action == 'create') { $ucApp = $uc->load('app'); $applist = $ucApp->applist(); if (empty($_POST['step'])) { $setv = ''; include PrintEot('uccredit'); exit; } else { S::gp(array('cid', 'ctype')); $basename .= '&action=create'; if (!$cid || !isset($credittype[$cid])) { adminmsg('uc_cname_empty'); } !$uc_syncredit && ($uc_syncredit = array()); if (isset($uc_syncredit[$cid])) {